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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application. 

Listing of Claims: 

Proposed Amended Claims 

1. (Currently Amended) A Virtual Private Network (VPN) communication method employed 
for a security gateway apparatus connecting between a local area network (LAN) and a wide 
area network (WAN) including a public network, the communication method comprising the 
steps of: 

a) d i str i but i ng assigning a first IP address to a terminal outside said LAN; 

b) adding a Dynamic Host Configuration Protocol (DHCP) communication option to an 
Internet Key Exchange (IKE) data, when establishing an IKE communication with [[a]]said 
terminal outside the LAN having a dtektp-connection with the WAN; 

c ) d i stribut i ng assigning a second IP address from a -an inside terminal within the LAN to 
the terminal outside the LAN during the IKE communication , said second address independent 
of said first address : and 

d) establishing a Security Architecture for the Internet Protocol (IPsec) communication 
that follows the IKE communication, which includes said first IP address and said second IP 
address, 

wherein the gateway apparatus designates the first IP address for the outside terminal 
from a tunneled IP packet. 

2. (Original) The VPN communication method employed for the security gateway 
apparatus as defined in claim 1, wherein an IP address and a subnet mask address, which have 
same segments as those of the LAN, are distributed to the outside terminal, thereby the outside 
terminal can be virtually regarded as a terminal on the LAN. 
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3. (Original) The VPN communication method for the security gateway apparatus as 
defined in claim 1, wherein the outside terminal is provided, during the IKE communication, 
with a private IP address that is used on the LAN, in a case that the LAN is configured with 
private IP addresses, whereby the outside terminal is allowed to access to a terminal on the 
LAN. 

4. (Previously Presented) The VPN communication method for the security gateway 
apparatus according to claim 1, wherein an encryption key and an authentication key are 
exchanged with a public key cryptosystem during the IKE communication. 

5. (Previously Presented) The VPN communication method for the security gateway 
apparatus according to claim 1, wherein the DHCP communication option contains an IP address 
and a subnet mask. 

6. (Currently Amended) A security gateway apparatus connecting between a local area 
network (LAN) and a wide area network (WAN) including a public network, the apparatus 
comprising: 

a) a Dynamic Host Configuration Protocol (DHCP) option adding section adding a DHCP 
communication option to an IKE data when establishing an IKE communication with [[a]]an 
outside terminal having a first IP address distributed from outside the LAN having a connection 
with the WAN; 

b) an IP address distribution section d i stributing assigning a second IP address from an 
inside terminal within the LAN to the outside terminal during the IKE communication J _said 
second address independent of said first address : and 

c) an IPsec communication section performing an IPsec communication that follows the 
IKE communication, which includes said first IP address and said second IP address, 

wherein, the gateway apparatus designates the first IP address for the outside terminal 
from a tunneled IP packet. 

7. (Original) The security gateway apparatus as defined in claim 6, wherein an IP address 
and a subnet mask address, which have same segments as those of the LAN, are distributed to 



Page 3 of 7 



Application No.: 09/729,262 
Amendment Dated March 22, 2005 
Reply to Office Action of January 25, 2005 



MAT-8067US 



the outside terminal, thereby the outside terminal can be virtually regarded as a terminal on 
the LAN. 

8. (Original) The security gateway apparatus as defined in claim 6, wherein the outside 
terminal is provided, during the IKE communication, with a private IP address which is the 
same as one used on the LAN in a case that the LAN is configured with private IP addresses, 
whereby the outside terminal is allowed to access to a terminal on the LAN. 

9. (Previously Presented) The security gateway apparatus according to claim 6, wherein an 
encryption key and an authentication key are exchanged with a public key cryptosystem during 
the IKE communication. 

10. (Previously Presented) The security gateway apparatus according to claim 6, wherein 
the DHCP communication option contains an IP address and a subnet mask. 

11. (Previously Presented) The VPN communication method for the security gateway 
apparatus according to claim 2, wherein an encryption key and an authentication key are 
exchanged with a public key cryptosystem during the IKE communication. 

12. (Previously Presented) The VPN communication method for the security gateway 
apparatus according to claim 3, wherein an encryption key and an authentication key are 
exchanged with a public key cryptosystem during the IKE communication. 

13. (Previously Presented) The VPN communication method for the security gateway 
apparatus according to claim 2, wherein the DHCP communication option contains an IP address 
and a subnet mask. 

14. (Previously Presented) The VPN communication method for the security gateway 
apparatus according to claim 2, wherein the DHCP communication option contains an IP address 
and a subnet mask. 

15. (Previously Presented) The security gateway apparatus according to claim 7, wherein an 
encryption key and an authentication key are exchanged with a public key cryptosystem during 
the IKE communication. 
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16. (Previously Presented) The security gateway apparatus according to claim 8, wherein an 
encryption key and an authentication key are exchanged with a public key cryptosystem during 
the IKE communication. 

17. (Previously Presented) The security gateway apparatus according to claim 7, wherein the 
DHCP communication option contains an IP address and a subnet mask. 

18. (Previously Presented) The security gateway apparatus according to claim 8, wherein the 
DHCP communication option contains an IP address and a subnet mask. 

19. (Previously Presented) The VPN communication method employed for the security 
gateway apparatus as defined in claim 1, wherein said terminal outside the LAN has a dialup 
connection with the WAN. 

20. (Previously Presented) The VPN communication method employed for the security 
gateway apparatus as defined in claim 1, wherein said second IP address is automatically 
distributed from the terminal within the LAN to the terminal outside the LAN during the IKE 
communication. 

21. (Previously Presented) The security gateway apparatus as defined in claim 6, wherein 
said terminal outside the LAN has a dialup connection with the WAN. 

22. (Previously Presented) The security gateway apparatus as defined in claim 6, wherein 
said second IP address is automatically distributed from the terminal within the LAN to the 
terminal outside the LAN during the IKE communication. 

23. (New) A VPN communication method according to claim 1, wherein said first IP address 
is assigned to said terminal from outside LAN. 
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